<?php

define("_access",1);
include("../include/defend.php");
include("../include/db.config.php");
@session_start();
$verify=$_POST['Verify'];
$verify_=$_SESSION['verify'];
if(!isset($verify)||$verify!=$verify_){
      echo '<script charset="UTF-8">alert("验证码错误！");location.href="./index.html";</script>';
      die();
}
if(!isset($_POST['username']) || !isset($_POST['password'])) {
	print_r("<script language='javascript' type='text/javascript'>alert('用户名或密码错误');window.location.href='./index.html'</script>");
	die();
}
$username = $_POST['username'];
$password = "CUMTCTF950123".$_POST['password'];
$sql = "select * from admin where username='".$username."'";
$result = getOne($sql);
if($result['password']=== md5($password)){
	$_SESSION['login']=1;
	print_r("<script language='javascript' type='text/javascript'>window.location.href='./manage.php'</script>");
}else{
	print_r("<script language='javascript' type='text/javascript'>alert('用户名或密码错误');window.location.href='./index.html'</script>");
	
}